This my basic, no-frills blog. It contains both posts about math and other topics. Lately, they've mostly been about linux and vim.
I eventually intend to add in a tag and category based word-cloud so that the blog is easier to navigate.
22 Sep 2017
There are many many tail probabilities for the Gaussian, and most use
some form of integration by parts. Duembgen’s paper on bounding
standard tail probabilities has
several, for example.
Let
$$\Prob( X \geq t) = T(t) = \int_{t}^{\infty} \exp(-x^2/2) \frac{1}{\sqrt{2\pi}} dx$$
Two simple inequalities obtained by integration by parts are:
$$\begin{aligned}
\frac{1}{\sqrt{2\pi}} \exp(-t^2/2) \left(\frac{1}{t} - \frac{1}{t^3}\right) \leq T(t) \leq \frac{1}{t} \exp(-t^2/2) \end{aligned}$$
Fleshed out versions of these calculations can be found anywhere; see
https://mikespivey.wordpress.com/2011/10/21/normaltails/.
Essentially one simply introduces $x/t$ into the integrand to obtain an
upper bound. The integrand now has a simple anti-derivative.
Here is a better bound, using a slightly cooler trick of introducing a
new independent variable.
Introduce an independent Gaussian variable $Y$ and consider
$T(t) = \Prob( Y \in \R, X \geq t)$ again. This is bounded above by the
probability of the exterior of the circle: $$\begin{aligned}
\Prob( Y \in \R, X \geq t)
& \leq \Prob( X^2 + Y^2 \geq t^2)\
& = \frac1{2 \pi} \int_t^{\infty} r e^{-r^2/2} dr \
& = \frac1{2 \pi} e^{-t^2/2} \end{aligned}$$ Certainly
$\frac1{2\pi} \leq \frac12$; this is the bound that appears frequently
in papers: $$
\frac{1}{L(1 + t)} \exp\left( -\frac{t^2}{2}\right) \leq T(t) \leq \frac{1}{2} \exp\left( -\frac{t^2}{2} \right).
$$ I haven’t worked out the details of the lower bound, but I assume
it’s quite similar.
11 Sep 2017
I had an extra iMac 27" (late 2011) that I wanted to use as a monitor
with my thinkpad that runs linux. This is quite easy to do and involves
something called Target display mode that the iMac can be put into.
I was concerned that this was a Mac-only mode and that it wouldn't work
on linux.
There are two computers involved:
thinkpad: drives the imac, runs linux
imac 27": works as an external display, has os x installed and an apple keyboard connected to it.
- First visit this page on apple's website and determine
what kind of connectors are supported in your imac. My thinkpad and
imac both have a mini display port connector. I bought one off
amazon for about \$15.
- Then install the arandr, and autorandr utilities on your linux box.
I use the newer fork of autorandr written in
python. arandr is a gui
that makes things a little easier.
- On the linux box, run the command,
while :; do xrandr | grep '
This should display a messages that shows what monitors are
connected
- Hit command + F2 on your imac to put it into target display mode.
You should see new "connected" messages appearing on your linux box.
-
At the same time, simultaneously run arandr, and hit activate on
your the arandr menu. This will automatically enable the external
monitor. You only have a window of about 5 seconds from when you hit
command + F2
on your imac until you activate the display on your
linux box. The alternative to using arandr is to have a command like
the following entered into a terminal that you're ready to hit enter
on:
xrandr --output eDP1 --mode 1920x1080 --output DP2-2 --mode 2560x1440
The problem with the latter method is that it requires you to know
the name that your display will be detected as. IN this case, it was
detected as DP2-2. I suppose, a priori, it ought to be possible to
determine what port the monitor is connected to, but I don't know
how.
-
This should activate the imac as an external display. Now you want
it to be automatically put into this display setting as soon as it
is detected. This is where the autorandr script and its udev rules
(that detect the external monitor being connected) come into play. I
used
autorandr -s imac-external
Then if you're on a systemd based distribution enable the
autorandr.service and start it up with
systemctl start autorandr
systemctl enable autorandr
both run as the root user. Make sure you've put the appropriate rule
into
/usr/lib/udev/rules.d/40-monitor-hotplug.rules
Then reload your udev rules using
udevadm control --reload-rules
Now your imac should be automatically detected and turned on when you 1)
turn on target display mode by hitting command + F2
and 2) connect
your laptop/desktop to the imac.
; date '+%T'; sleep 2s; done
This should display a messages that shows what monitors are
connected
Hit command + F2 on your imac to put it into target display mode.
You should see new "connected" messages appearing on your linux box.
At the same time, simultaneously run arandr, and hit activate on
your the arandr menu. This will automatically enable the external
monitor. You only have a window of about 5 seconds from when you hit
command + F2
on your imac until you activate the display on your
linux box. The alternative to using arandr is to have a command like
the following entered into a terminal that you're ready to hit enter
on:
xrandr --output eDP1 --mode 1920x1080 --output DP2-2 --mode 2560x1440
The problem with the latter method is that it requires you to know
the name that your display will be detected as. IN this case, it was
detected as DP2-2. I suppose, a priori, it ought to be possible to
determine what port the monitor is connected to, but I don't know
how.
This should activate the imac as an external display. Now you want
it to be automatically put into this display setting as soon as it
is detected. This is where the autorandr script and its udev rules
(that detect the external monitor being connected) come into play. I
used
autorandr -s imac-external
Then if you're on a systemd based distribution enable the
autorandr.service and start it up with
systemctl start autorandr
systemctl enable autorandr
both run as the root user. Make sure you've put the appropriate rule
into
/usr/lib/udev/rules.d/40-monitor-hotplug.rules
Then reload your udev rules using
udevadm control --reload-rules
Now your imac should be automatically detected and turned on when you 1)
turn on target display mode by hitting command + F2
and 2) connect
your laptop/desktop to the imac.
18 Aug 2017
The way to forward ssh is as follows. I essentially read the openssh
cookbook here
https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Tunnels
I have machine A (thinkpad), behind a firewall that cannot accept
incoming network connections. Then we have machine B (imac) that is also
behind a firewall that cannot accept incoming network connections. But
they can both connect to my home server. A simple schematic of the
allowed connections is as follows:
thinkpad --> shirl_dell_server
imac --> shirl_dell_server
I want to make a connection from
thinkpad --> imac
The way to do this is to use shirl_dell_server
as a relay to
circumvent the firewall that prevents incoming connections on the
thinkpad and imac. For example, my University does this. The way to do
this is to establish one normal ssh tunnel and one reverse ssh tunnel.
- From thinkpad run
ssh -fN -L 9000:localhost:9000 shirl_dell_server
This establishes a tunnel from local port 9000 (-L) to remote port
9000 on shirl_dell_server. The -N allows you not run any command
on the remote server -- it usually runs the login shell -- and the
-f allows the process to drop to the background.
-
From the imac run
ssh -fN -R 9000:localhost:22 shirl_dell_server
This establishs a reverse ssh tunnel from remote port 9000 (-R) to
the localport 22 where an sshd server is listening for incoming
connections.
-
Then from thinkpad, run
ssh -p 9000 localhost -l username
This would get forwarded to the remote server's 9000 port through
the ssh tunnel. The remote server would forward the incoming traffic
on 9000 to the imac's port 22 through the reverse ssh tunnel.
This would then show you an ssh login prompt.
Note that you may have to enable to options
AllowTcpForwarding yes
PermitTunnel yes
Note that disabling AllowTcpForwarding does not improve security as the
sshd_config
manpage says. Permitting tunnels, however, might decrease
security since it might allow you to circumvent other firewalls.
24 May 2017
Anacron fails silently on resume. It never runs the tasks its supposed
to run. My backups have been failing.
This is a a really annoying failure, and some features are being
implemented in systemd to fix this. See this debian
bugtracker.
My solution for this is to simply have anacron be run every hour by
cron. I have in /etc/cron.d/anacron
# /etc/cron.d/anacron: crontab entries for the anacron package
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
30 * * * * root test -x /etc/init.d/anacron && /usr/sbin/invoke-rc.d anacron start >/dev/null
which simply runs it every hour now. This is a little annoying, but it's
the best I can do. The debian bugtracker states that it's been fixed in
a future release of systemd. I don't really care because I'm using
Jessie. But Jessie is so old that apparently even critical bugs like
this don't get fixed.
22 May 2017
I've switched to pass for managing my
passwords on my linux box, nexus phone and android tablet. It's pretty
amazing.
Passwords are encrypted using pgp, and synchronized on my desktops using
dropbox. pass also has git support. So I push all my passwords to my
home ssh server using git. I can pull down these passwords to my android
phone and tablet using git packages and a pgp manager.
Setting pass up on android is a little painful. I use
- A pgp key management app.
- pass for
android
To get my private pgp key into the app, I do something fairly insecure.
I transfer my key onto a dropbox encfs partition. Then I access this
encfs partition using another app called
BoxCryptor Classic
Then I also need to generate an ssh keypair so that pass for android has
access to my ssh server at home. I again copy the public key to dropbox
and have my server copy it there into the authorized users file.
Passmenu (bundled with pass) is especially powerful since I use dmenu to
launch programs.